Headline
CVE-2021-42743: SVD-2022-0501
A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows.
Local privilege escalation via a default path in Splunk Enterprise Windows****Description
A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows.
Solution
Upgrade Splunk Enterprise Window versions to 8.1.1 or later.
Product Status
Product
Version
Affected Versions
Fix Version
Splunk Enterprise
8.2
-
8.2.0
Splunk Enterprise
8.1
8.1.0 and earlier
8.1.1
The vulnerability does not impact Splunk Cloud Platform instances.
Acknowledgments
Ilias Dimopoulos of RedyOps Research Labs